1. Field of the Invention
The present invention relates to an apparatus, method and computer program product for encrypting and decrypting information data being handled among computers.
2. Description of the Related Art
A computer has so far been utilized within a closed environment such as an office, or a limited local area. In accordance with the development of computer network systems and the diffusion of Internet technology, a computer is now able to communicate with any other computer located anywhere in the world if a connection is properly established. Any computer user may operate the computer so as to handle whatever information data is available on the computer network system anywhere in the world, regardless of where he or she is operating the computer.
The greatest benefit of such a computer network system is that any information data can be distributed without regulation. The information data being distributed among computers may, however, contain confidential matters. Many of those confidential matters are required to be protected against unauthorized use and tampering by a malicious third party.
A LAN (local area network) is equipped with an access control security measure called a “firewall” to restrict accesses from outside computers into the LAN network system to a certain degree so as to protect the computer network system from unauthorized accesses.
Although such security is constructed in the LAN, the computer network system is still vulnerable to a malicious third person who craftily attempts to break through the firewall and steal confidential information data in a manner such as: tapping of data being communicated among computers; penetration by illegally obtaining another person's ID and password and posing as an authorized user with the thus illegally obtained ID and password; illegal access via another server; and intrusion through Remote Access Service (RAS), which is a maintenance dedicated line.
Furthermore, a person concerned with and knowledgeable about the security may take out information data or leak secret information data even though a robust security system is provided. In that case, it is impossible to protect information data against unauthorized use or tampering, however robust the security system is. As a matter of fact, there has been a case in which a person in a company committed the crime of sneaking out the company's client lists and selling them to an agency which commercially deals in client name lists.
Needless to say, any information data being communicated among computers may easily be leaked owing to a security deficiency called a “security hole” unless the computer network system is constantly monitored and maintained.
The number of personal computers constantly connected with a computer network system is steadily growing in accordance with the spread of broadband communication lines. It is anticipated that information data being communicated among personal computers will be targeted for unauthorized use or tampering by a malicious third party in the near future.
Conventionally, if a file contains one information data portion that must be treated as confidential, all of the information data portions in the file have been encrypted by an encryption method to guard the confidentiality. Here, “a data portion” means a unit of a data piece in any format being communicated among computers, which will be described hereinlater. “All of information data portions in a file are encrypted” means that all of the information data portions in the file are converted by a certain conversion method so that all of the data portions in the file are virtually undecipherable. For brevity, a file containing one or more data portions will be hereinlater referred to as “a file portion”. The thus encrypted file portions are not restored to the original readable state until the encrypted file portions are converted again by the reverse of the aforesaid conversion method (hereinlater referred to as “decryption”).
Accordingly, the confidential matters of the file portions will not be leaked out since the file portions have been encrypted even if the file portions are stolen by a third party with malice. This leads to the fact that the confidentiality of the file is ensured unless the decryption method is leaked.
The conventional encryption and decryption methods, however, require a longer time to encrypt or decrypt file portions as the size of the file portions increases, because the conventional encryption and decryption methods encrypt and decrypt all of the data portions in the file.
Furthermore, the conventional encryption and decryption methods, when applied to a database, cut off the reciprocal relationships among data portions, since they encrypt all of the data portions in the database. Accordingly, the thus encrypted database will be unable to permit a database user to perform a data search function and a data realignment function, which are major features of a database.
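The two drawbacks described in the last two paragraphs can be reproduced with a small table. The following Python sketch is an added example, not part of the original specification: the table contents, key, and function names are constructed for illustration, and an HMAC-SHA256 counter-mode keystream stands in for whatever conversion method a conventional system would use.

```python
import hashlib, hmac, os

KEY = b"constructed-demo-key"  # constructed sample key
ROWS = [("Sato", "Osaka"), ("Abe", "Tokyo"),   # constructed sample table:
        ("Mori", "Kyoto"), ("Ueda", "Osaka")]  # (name, city)

def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode: a standard-library stand-in for a real cipher."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key, text):
    nonce = os.urandom(16)  # fresh nonce per data portion
    data = text.encode()
    return nonce + bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))

def decrypt(key, blob):
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()

def encrypt_all(key, rows):
    """Conventional approach: every data portion of every row is encrypted."""
    return [tuple(encrypt(key, field) for field in row) for row in rows]

def search_ciphertext(key, table, city):
    """Search without decrypting: encrypt the query and compare stored values."""
    probe = encrypt(key, city)
    return [i for i, row in enumerate(table) if row[1] == probe]

def search_by_decrypting(key, table, city):
    """Restore the whole table, then search. Returns (names, portions decrypted)."""
    plain = [tuple(decrypt(key, f) for f in row) for row in table]
    hits = sorted(name for name, c in plain if c == city)
    return hits, sum(len(row) for row in table)

if __name__ == "__main__":
    table = encrypt_all(KEY, ROWS)
    print("search on ciphertext:", search_ciphertext(KEY, table, "Osaka"))
    print("search after full decryption:", search_by_decrypting(KEY, table, "Osaka"))
```

Searching the encrypted table directly finds nothing, because equal plaintexts no longer produce equal stored values, and the working search has to decrypt every data portion, so its cost grows with the size of the table rather than with the size of the answer.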